﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class ajax_updatepermission : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["id_user"] != null && Session["permission"] != null
            && (((int)Session["permission"]) >= 2 && ((int)Session["permission"]) <= 3))
        {
            try
            {
                int userId = Int32.Parse(Request.QueryString["userId"]);
                int projectId = Int32.Parse(Request.QueryString["projectId"]);
                int permission = Int32.Parse(Request.QueryString["permission"]);
                if (userId == 0 || projectId == 0)
                    throw new Exception("FAIL");
                int managerId = Int32.Parse(Session["id_user"].ToString());

                #region check manager is enable to access this project
                SqlParameter[] listParams = new SqlParameter[3];
                //-- param 1: @userId
                SqlParameter param = new SqlParameter("@userId", managerId);
                param.SqlDbType = SqlDbType.Int;
                param.Direction = ParameterDirection.Input;
                listParams[0] = param;

                //-- param 2: @projectId
                param = new SqlParameter("@projectId", projectId);
                param.SqlDbType = SqlDbType.Int;
                param.Direction = ParameterDirection.Input;
                listParams[1] = param;

                //-- param 3: @isAccess
                param = new SqlParameter();
                param.ParameterName = "@isAccess";
                param.SqlDbType = SqlDbType.Int;
                param.Direction = ParameterDirection.Output;
                listParams[2] = param;

                dal.ExecuteSP("proCheckAccessProject_GET", listParams);
                int enable = Int32.Parse(listParams[2].Value.ToString());
                if (enable == 0)
                    throw new Exception("FAIL");
                #endregion

                string sql = " UPDATE UserProject " +
                             " SET permission=" + comm.to_sql(permission.ToString(), "number") +
                             " WHERE userId=" + comm.to_sql(userId.ToString(), "number") + 
                             " AND projectId=" + comm.to_sql(projectId.ToString(), "number");
                if (dal.Execute(sql) == -1)
                    throw new Exception("FAIL");
                else
                    throw new Exception("OK");
            }
            catch (Exception ex)
            {
                Response.Write(ex.Message);
            }
        }
        else
        {
            Response.Write("FAIL");
        }
    }
}
